Private key Generation and how public key derived from Private Key

[Zanetti]

Hi everyone!!

I'm looking information about the first process of the creation of the Bitcoin Address, because the rest of the process I know, and the only questions that I have are with the first two steps.

    1 - How is the private key generated?
I found that information:

The private key is an ECDSA secp256k1, and is a random number. This secp256k1 has to be a number between 1 and 115792089237316195423570985008687907852837564279074904382605163141518161494336 (or in hexadecimal, between 1 and FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE BAAEDCE6 AF48A03B BFD25E8C D0364140).

Is really a random number of the ECDSA secp256k1 o it has an specific protocol and is not exactly a random number?

    2 - How is the public key derived from private key?
I found that in a forum:

The private key is converted to a public key by performing an Elliptic Curve point multiplication with the curve’s base point. The result is an (x,y) coordinate pair, which constitutes the public key.

There was a sinple equation or way to calculate the whole public key form the private key, or if it's complicated explain in a simple words how this conversion works? The private key is hashed with something or is a simply aplication of an equation?

I know that in the Wiki exists this process, but the first two step there aren't explain in detail, and I want to know this steps in detail.
https://en.bitcoin.it/wiki/Technical_background_of_Bitcoin_addresses

And this is the topic on the forum when I find some things, but is a little bit complexe for me.
https://bitcointalk.org/index.php?topic=78132.0

If someone could help me with these two questons I would appreciate.

Thanks

[1713512002]

1713512002

[1713512002]

1713512002

[1713512002]

1713512002

[Stephen Gornick]

1 - How is the private key generated?

Is really a random number of the ECDSA secp256k1 o it has an specific protocol and is not exactly a random number?

"In Bitcoin, a private key is a single unsigned 256 bit integer (32 bytes)."
 - http://en.bitcoin.it/wiki/ECDSA

Each client can create it differently. 

With Brain wallets a private key is sha256(passphrase).

   2 - How is the public key derived from private key?

Related:
 - http://bitcoin.stackexchange.com/a/1715/153
 - http://en.bitcoin.it/wiki/Secp256k1

[Zanetti]

I read these two links but I'm still don't understand.

I'm seeing the source code of bitaddress.org but I can't find nothing. My programming level is not to high. It you can put me the part of the code that the private key generation and the next step in getting the public key appears?

Thank you!

[kjj]

Every 256 bit number is a private key.  The ones outside the range you mentioned are weak and should not be used, but they are still valid.  You can use any process at all to create your private key.  Random numbers are the safest.

The equation for the public key is simply this  P = G * k

The catch is that * in that equation is elliptic curve multiply, and not the normal real number multiply you learned in school.  Unless you have a pretty solid background in either programming or discrete math, that * is going to be a black box to you.

[Zanetti]

Thanks kjj.

I think that this multiply is really complex for me. I think that with your explanation I have more idea about the conversion of the private key in a public key.

Here is a little explanation of your equation, when k is the Private Key and G is the set of (x, y) coordinates for the secp256k1 elliptic curve, which are, in hex. (PuK = G * PrK)

https://bitcointalk.org/index.php?topic=78132.msg871600#msg871600

This is the complex equation that you told me. Is complicate for me and because I haven't so much knowledge in Maths.

[kjj]

If you are interested in how it works, I encourage you to find a library that does that multiplication in your language and look through it.  There are also tutorials on the internet for EC math.  Keep in mind that a decent library will use an optimized implementation and be incomprehensible, at first.

When I started learning about this stuff, I read through some tutorials and did some examples, then I looked under the covers of the library I was using, and nothing made any sense.  It took a while to figure out how the thing worked, and to really understand that it was doing the same thing.

My point was that you can use the stuff without a complete understanding of what happens under the covers.

[Zanetti]

I suppose that those libraries I can found in Sourceforge no? I have more knowledge about C++. If you or someone can give me the links, it would be better for me.

[CIYAM]

Bitcoin uses OpenSSL to do the crypto (and that is in C/C++) - I wouldn't expect you'll find the source code easy to understand though (although being very skilled at C++ the crypto math is not something that I can really grok).

[proff]

It should be mentioned that the group law/multiplication on an elliptic curve has a simple geometric interpretation: roughly speaking, if you draw any line in the (projective) plane, it will intersect your curve in three points, say P, Q, and R. Then  P + Q + R = 0. See any textbook or Wikipedia for a picture.